A scheme to label Internet of Things devices that meet more stringent security standards has been proposed by the US Democrats, responding to mounting concerns about the safety of connected gadgets. The idea, dubbed the Cyber Shield Act of 2017, was put forward by Congressman Ted W. Lieu (D | Los Angeles County) and Senator Edward J. Markey (D-Mass.) today. In addition to a labeling scheme that compliant IoT devices would bear, if passed it would also be responsible for establishing a best-practices advisory committee.
While many companies – predominantly those making chipsets for IoT devices – have released new products with more stringent security, the segment as a whole, and the risks it brings, are still poorly understood by consumers. The Cyber Shield Act would go some way to address that, creating a number of so-called “cybersecurity benchmarks” across categories including connected cameras, baby monitors, and cellphones.
“The IoT will also stand for the Internet of Threats unless we put in place appropriate cybersecurity safeguards,” Senator Markey said today. “With as many as 50 billion IoT devices projected to be in our pockets and homes by 2020, cybersecurity will continue to pose a direct threat to economic prosperity, privacy, and our nation’s security.”
Use of the standards would be voluntary, not mandatory, so it would be up to individual manufacturers to decide whether to participate in the scheme. According to the bill, there’s the potential for several “grades” of compliance, which could mean different types of badge or label depending on how closely the product meets security benchmarks. Criteria for each category would be reviewed at least every two years, in an attempt to keep the scheme relevant in the evolving IoT landscape.